Date: Mon, 02 Dec 2024 21:11:49 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 270404] comsat is willing to try to read and display any file Message-ID: <bug-270404-227-T0WzpTxB68@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-270404-227@https.bugs.freebsd.org/bugzilla/> References: <bug-270404-227@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D270404 --- Comment #7 from commit-hook@FreeBSD.org --- A commit in branch stable/14 references this bug: URL: https://cgit.FreeBSD.org/src/commit/?id=3D957f7a2a58e550bd31d8ebec67f99d190= 87746a2 commit 957f7a2a58e550bd31d8ebec67f99d19087746a2 Author: Ed Maste <emaste@FreeBSD.org> AuthorDate: 2024-11-27 20:36:46 +0000 Commit: Ed Maste <emaste@FreeBSD.org> CommitDate: 2024-12-02 21:10:31 +0000 comsat: Improve use of setuid() Just return from jkfprintf if either (a) user lookup fails (that is, getpwnam fails) or (b) setuid() to the user's uid fails. If comsat is invoked from inetd using the default of tty:tty we will now return due to setuid() failing rather than fopen() failing. PR: 270404 Reviewed by: kevans Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D47823 (cherry picked from commit 062b69ba045dc0fef3d9b8d73365d2798c05a480) libexec/comsat/comsat.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-270404-227-T0WzpTxB68>